EPSS
Percentile
55.4%
The plugin does not properly escape the post_id parameter and lacks sufficient preparation on the SQL query, leading to SQL Injection vulnerability.
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-replicate-post/wp-replicate-post-402-authenticated-contributor-sql-injection